[Pmwiki-users] Re: Re: Re: Edit password also used to read pages in PmWiki 2?
chr@home.se
chr
Sat Nov 20 15:39:44 CST 2004
On Sat, 20 Nov 2004, Patrick R. Michaud wrote:
> On Sat, Nov 20, 2004 at 04:05:31PM +0100, chr at home.se wrote:
> > Hmm... interesting. But.. is there anything that prevents a person from
> > adding (:include ...:) to e.g. the sandbox, thereby seeing what's in a
> > page that's supposed to be read protected?
> >
> > Or does pmwiki check for read passwords of pages that are included?
>
> PmWiki checks for read passwords of pages that are included,
> but it won't prompt for passwords for those pages--it only uses
> the passwords that have already been entered as candidates for
> the (:include:)'d pages.
Ok, so if an included page requires a read password that hasn't been
entered yet, it fails. Is this indicated somehow? (Or is it a silent
failure?)
These passwords.. are they stored in a cookie or something? And are they
associated with a specific page? So the cookie contains something like:
page name, read pwd, edit pwd, ...
/Christian
--
Christian Ridderstr?m, +46-8-768 39 44 http://www.md.kth.se/~chr
More information about the pmwiki-users
mailing list